• Announcements

    • Marcos

      Filecoder.Crysis updated to decode .dharma files   03/01/2017

      We are happy to announce you that we have updated the Filecoder.Crysis decoder to support decryption of files with the .wallet and .onion extensions. The decoder is downloadable from https://download.eset.com/com/eset/tools/decryptors/crysis/latest/esetcrysisdecryptor.exe.
needhelp

Is this an attack?!

9 posts in this topic

I noticed a change on my website kaspersy.cloud . A lot of redirects and I never to get to my page. Could it be the result of an attack?

Edited by needhelp

Share this post


Link to post
Share on other sites

Unfortunately, the description of the issue is quite vague so we have no clue what the issue is. Please elaborate more.

Share this post


Link to post
Share on other sites

Hi

Its Malicious Website :[

Full info: https://sitecheck.sucuri.net/results/kaspersky.cloud

Code WWW:

/search/redirect.php?f=http%3A%2F%2Fwd15303.com%2Fctrd%2Fclick%2Fnewjump1.do%3Faffiliate%3D45549%26subid%3D857472%26ai%3DNOd6my5HJjbQ5Bmh1MOctoiWnz4bm-rqhj-_HCCaMSdYN4JpBq0TIYv6GQ3IKS3EVFsmHX66N835_mZXT7vNW9vvca8gmMnO5x8NCD0RZVwR1MXv4ajm5fLSPbEY3BsnSU4GERBIkCl6rbQGKLXdVK8TiGzzSdDeKVT6ggyQsPpKwHeC2-LQ1QkTHTEwcR_Wy50rZ3Sih_Q5p-2W5Ha6hIhlTKmSwK_XoisNu0eJs2Ws0nWi5o_ZNnBlf9IrIm4wj0QuEqHDQ-AcNaORiH06QwT-yoD9gWoxXj69YJUCKu_8NkWQiTtUxQ5Zes30u1QxtjI6-Z__CM1hQKddvkOZ85tfDhpZu19BKU9hiHolQhyMRRHInLvtnlkKEvWI1OOqOFNHHF132Z7PncYNbaVLycbrpFfdLb7PAwQn683JSWaH4a20KhSRJA&v=NDg1MDU1NzE4MmI4MWMxODI3NzFmOTY1NDMzNDU0ZGMJMQlrYXNwZXJza3kuY2xvdWQ1OTFkN2MyYzQwMzM0Ni41MzE2MzMyMAlrYXNwZXJza3kuY2xvdWQ1OTFkN2MyYzQwMzc5NC4wNTU2MzI2MQkxNDk1MTA0NTU2CWFkXzdfMA==&l=NglBRFMJZmEwMjFhMDk4YWE2YWE5MzNiNzc1OGQzMjFkNzdiNjEJMAkxMwkJMzEJMwkxCTAJMWRmNTQzNmM3MjkxMzZmZTU4OWY1ZGEwNzJkMTM1ZWQJaHR0cDovL29wZW5zb2Z0d2FyZXVwZGF0ZXIuY29tCTI1MDQyMjYyNAljCTE0NDU2MwkJS2FzcGVyc2t5CTEwMTEJNwk1CTU5CTE0OTUxMDQ1NTYJMC4wMDA4MTYJTgkwCTAJMAkJCQkJCWthc3BlcnNreS5jbG91ZDU5MWQ3YzJjNDAzMzQ2LjUzMTYzMzIwCTAJCTEJODMwCTExMTkJMjM3MTEyMDY4CQkxNzMuMjU1LjIzMy4xMjQ%3D
/search/redirect.php?f=http%3A%2F%2Fwd15303.com%2Fctrd%2Fclick%2Fnewjump1.do%3Faffiliate%3D45549%26subid%3D857472%26ai%3DhSMDV8Yx0xdVQnwu8u5JHlpskdGaIMukxej-Arh6N_KeHXwrHOdAjYgR-vYSaQp2hP6go9PTWi9Pej5m-rmQeak5_9R3I5umnTQLg-BVmTDfUU3bEZL_dNtrsPkSGQ43IHTicG30cYp3eEKDh1IWGIicI8bccdTw3xILFMyR3hG5tLJjd9biebF8o_8yNWDYWgKFGTpkV8EKegX3WVGlTDswVr0jaAt3WobimN5MTSBKUl11Dy9FL_LT2Qmz-bbTBtLoj2WnLBFliMg9dJKJpje-iCdyrwS_o84vJCdsUd4wzGkNQYw9me2k3bWsRPAuoxfVusEEqgvePP39USGwbW_L4DZmBEJ_HeLxVVplYxW8KvorWpWnQYV0z-2TbU26rUFX-1FvTL5j-lC_wQIekwz1TkX0FIiW0gY--mZUjNwNXHDTcbT7HXVUNeuUbzI0fvcAMsxWPY8N_BLE59ecivkgeCshFM4WI-WDeSHQlJs&v=NjM5ZmE5N2U3Zjg3NGY5ODU5NjVhYjcxZWQ5NjMwYWUJMQlrYXNwZXJza3kuY2xvdWQ1OTFkN2MyYzQwMzM0Ni41MzE2MzMyMAlrYXNwZXJza3kuY2xvdWQ1OTFkN2MyYzQwMzc5NC4wNTU2MzI2MQkxNDk1MTA0NTU2CWFkXzdfMQ==&l=NglBRFMJMzQ2ZmFhYzQwZGNmNGRlNDFmZmU2ZTExNmU5YmVjZGYJMAkxMwkJMzEJMwkyCTAJY2M0NzNiODgxOGE2MWM0MzFiM2Q3ZGY5Y2UzN2EwOTkJaHR0cDovL3d3dy5jb3Vwb25zLmNvbS9peXQJMjUwNDIyNjI0CWMJMTQ0NTYzCQlLYXNwZXJza3kJMTAxMQk3CTUJNTkJMTQ5NTEwNDU1NgkwLjAwMDgxNglOCTAJMAkwCQkJCQkJa2FzcGVyc2t5LmNsb3VkNTkxZDdjMmM0MDMzNDYuNTMxNjMzMjAJMAkJMQk4MzAJMTExOQkyMzcxMTIwNjgJCTE3My4yNTUuMjMzLjEyNA%3D%3D
/search/redirect.php?f=http%3A%2F%2Fwd15303.com%2Fctrd%2Fclick%2Fnewjump1.do%3Faffiliate%3D45549%26subid%3D857472%26ai%3DdBYLfWZ1XtWH705NDLTv31LauvxnLQIZr8sfcHrniRqAMj1hnF3H324wXNjqYPLxxS2xNZ4ZVQz55avoxhOUbH0FQZi6xGo8SeGQAw3KuHj0xvMCEjgc55cIcnMaO8GceHfBElhAQsqvFoDTJ0r6WKHh15UZp2aixMJTf-_7Tt8WQu_wbWNd2pYDgXwM11_rxlv_bcvUhJw5ilXi_DAHP2R-QUo6dsbRSffKq5kSr0XN09OcBOGch6Qvqxqj48m4LhJ6At-aQ5Etfe9vTIkdcU7SGLYcz0C_0WgUaSIgStPHBVN5tdutmWWCjLr8MylhyNc4VDBGjyY4TXV_3JjJD4fs9PpRbrD-zT8fA4TWVvQnayLK5s7jFiT0uiDRdzPJmGUi2E2MmjvF8TR9bBC2gfRk4AB0sZG1PoDDeD46Zk3pJ67kwcCrfu2wvUEdOBgpSy8raHNESUffN4I5OnWAQl5zKoLcVUsD2GG5WimRPI8&v=MTY4YzJlMWJjOGE5ZmI4OWJiNTFiYzBiOWE0MzFlNTYJMQlrYXNwZXJza3kuY2xvdWQ1OTFkN2MyYzQwMzM0Ni41MzE2MzMyMAlrYXNwZXJza3kuY2xvdWQ1OTFkN2MyYzQwMzc5NC4wNTU2MzI2MQkxNDk1MTA0NTU2CWFkXzdfMg==&l=NglBRFMJZDkyNDA1ZWQxMDVmOGI4YzVjNzcwNzNhN2UwMTA3ODYJMAkxMwkJMzEJMwkzCTAJZjQ5MGI1ZGZmM2I0YzMxNTM3MzBhZDJlN2Q1YmUxNDIJaHR0cDovL2Rpc3BsYXl1cmwuY29tCTI1MDQyMjYyNAljCTE0NDU2MwkJS2FzcGVyc2t5CTEwMTEJNwk1CTU5CTE0OTUxMDQ1NTYJMC4wMDA4MTYJTgkwCTAJMAkJCQkJCWthc3BlcnNreS5jbG91ZDU5MWQ3YzJjNDAzMzQ2LjUzMTYzMzIwCTAJCTEJODMwCTExMTkJMjM3MTEyMDY4CQkxNzMuMjU1LjIzMy4xMjQ%3D

Share this post


Link to post
Share on other sites

Sucuri states that kaspersky.cloud is "safe" when I just checked. I just scanned the same site at VirusTotal and 0/64 detections.

Are you stating that Eset alerted on this website?

 

Share this post


Link to post
Share on other sites

Hi.

No, but there are many redirects to different pages. This can be seen especially after URL`s code pages, some of which I posted earlier.
Other products qualify this site for the Malware Site/Malicious Website

Edward

Edited by EdwardTus

Share this post


Link to post
Share on other sites

FYI - the valid url for the Kaspersky cloud is cloud.kaspersky.com; not kaspersky.cloud.com.

Share this post


Link to post
Share on other sites

Hi.

URL is valid: kaspersky.cloud but not cloud.kaspersky.com or Kaspersky.cloud.com.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.